Docker + Caddy
Caddy is simpler than Nginx because it can automatically apply for certificates.
You need to start the project container first, then install and configure Caddy, otherwise the certificate application may fail.
How to get key and secret?
1. Copy Basic Configuration
The following is the basic configuration of vocespace. You need to copy this configuration and specify it when starting the container
1{
2 "livekit": {
3 "key": "devkey",
4 "secret": "secret",
5 "url": "wss://your.server.name"
6 },
7 "codec": "vp9",
8 "resolution": "1080p",
9 "maxBitrate": 3000000,
10 "maxFramerate": 30,
11 "priority": "medium",
12 "redis": {
13 "enabled": true,
14 "host": "your.ip",
15 "port": 6379,
16 "password": "vocespace",
17 "db": 0
18 },
19 "server_url": "your.server.name"
20}
WARNING
your.ip: User host machine IP address, you can use ifconfig | grep inet to view
1inet 127.0.0.1 netmask 0xff000000
2inet 192.168.31.138 netmask 0xffffff00 broadcast 192.168.31.255
In this example 192.168.31.138 is your host machine IP
your.server.name: Domain name for deployment
2. Use Docker to deploy applications
Get VoceSpace Images
VoceSpace contains two images:
- amd:
privoce/vocespace:latest
- arm:
privoce/vocespace:latest_arm
So you need to know your current server architecture to make a choice, see: help-View your own Linux architecture
1# amd
2docker pull privoce/vocespace:latest
3# arm
4docker pull privoce/vocespace:latest_arm
Start Container
You need to start the project container first, then install and configure Caddy, otherwise the certificate application may fail.
1docker run -d \
2 -p 3000:3000 \
3 -v ${PWD}/vocespace.conf.json:/app/vocespace.conf.json \
4 --name vocespace \
5 privoce/vocespace:latest
NOTE
-p 3000:3000: Map the container's port 3000 to the host's port 3000.-v ${PWD}/vocespace.conf.json:/app/vocespace.conf.json: Map the configuration--name: Name the container for easy subsequent management.
2. Install and configure Caddy
INFO
The following is the installation method for Ubuntu/Debian
For other types, please refer to: Caddy install
2.1 Install Caddy
1sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
2curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
3curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
4sudo apt update
5sudo apt install caddy
2.2 Configure Caddy
Caddy supports multiple configuration methods, and also directly supports the use of nginx conf
WARNING
Please make sure you have purchased the domain name and performed DNS resolution
1vim /etc/caddy/Caddyfile
1your.server.name {
2 # webrtc
3 handle /rtc* {
4 reverse_proxy localhost:7880 {
5 header_up Host {host}
6 header_up Upgrade {http.request.header.Upgrade}
7 header_up Connection {http.request.header.Connection}
8 header_up X-Real-IP {remote_host}
9 header_up X-Forwarded-For {remote_host}
10 header_up X-Forwarded-Proto {scheme}
11 }
12 }
13
14 handle /socket.io/* {
15 reverse_proxy localhost:3000 {
16 header_up Host {host}
17 header_up Upgrade {http.request.header.Upgrade}
18 header_up Connection {http.request.header.Connection}
19 header_up X-Real-IP {remote_host}
20 header_up X-Forwarded-For {remote_host}
21 header_up X-Forwarded-Proto {scheme}
22 }
23 }
24
25 # main app https
26 handle {
27 reverse_proxy localhost:3000 {
28 header_up Host {host}
29 header_up Upgrade {http.request.header.Upgrade}
30 header_up Connection {http.request.header.Connection}
31 header_up X-Real-IP {remote_host}
32 header_up X-Forwarded-For {remote_host}
33 header_up X-Forwarded-Proto {scheme}
34 }
35 }
36
37 # log optional
38 #log {
39 # output file /var/log/caddy/your.server.name.log
40 # level DEBUG
41 #}
42}
3. Start livekit-server
Like local deployment, you also need to start livekit-server to support webrtc. You can choose to download livekit and start it as in local deployment, or you can use docker deployment
Download livekit-server
1curl -sSL https://get.livekit.io | bash
After the download is completed, it will usually be in /usr/local/bin/livekit-server
Create configuration
We provide a minimal configuration to help you deploy quickly. First, create the configuration file vim /etc/livekit.yml
1port: 7880
2bind_addresses:
3 - "0.0.0.0"
4rtc:
5 tcp_port: 7881
6 port_range_start: 50000
7 port_range_end: 60000
8 use_external_ip: true
9 enable_loopback_candidate: false
10turn:
11 enabled: false
12 domain: turn.vocespace.xyz
13 tls_port: 5349
14 udp_port: 3478
15 external_tls: true
16keys:
17 devkey: secret
Start in the background using nohup
By using nohup you can start livekit-server in the background and output the logs to /usr/local/bin/logs/livekit_output.log for easy viewing
1nohup /usr/local/bin/livekit-server --config /etc/livekit.yml > /usr/local/bin/logs/livekit_output.log 2>&1 &
4. Download and start Redis
1brew install redis
2brew services start redis -- --requirepass "vocespace" --bind 0.0.0.0 --protected-mode no
Restart and enable Caddy
1systemctl stop caddy
2systemctl enabled caddy
3systemctl start caddy
Cloud Server Description
Configure Security Group/Firewall
When using cloud servers, such as Alibaba Cloud, Tencent Cloud, Google Cloud, etc., you need to configure the security group/firewall of the server.
| port |
type |
ingress/egress |
allow ip |
| 3000 |
tcp |
ingress |
0.0.0.0/0 Ipv4 |
| 3000 |
tcp |
egress |
0.0.0.0/0 Ipv4 |
| 7880 |
tcp |
ingress |
0.0.0.0/0 Ipv4 |
| 7881 |
tcp |
ingress |
0.0.0.0/0 Ipv4 |
| 80 |
tcp |
ingress |
0.0.0.0/0 Ipv4 |
| 443 |
tcp |
ingress |
0.0.0.0/0 Ipv4 |
| 50000~60000 |
udp |
ingress |
0.0.0.0/0 Ipv4 |
Restart and enabled Caddy
1systemctl stop caddy
2systemctl enabled caddy
3systemctl start caddy
